高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于多维结构特征的硬件木马检测技术

严迎建 赵聪慧 刘燕江

严迎建, 赵聪慧, 刘燕江. 基于多维结构特征的硬件木马检测技术[J]. 电子与信息学报, 2021, 43(8): 2128-2139. doi: 10.11999/JEIT210003
引用本文: 严迎建, 赵聪慧, 刘燕江. 基于多维结构特征的硬件木马检测技术[J]. 电子与信息学报, 2021, 43(8): 2128-2139. doi: 10.11999/JEIT210003
Yingjian YAN, Conghui ZHAO, Yanjiang LIU. Hardware Trojan Detection Based on Multiple Structural Features[J]. Journal of Electronics & Information Technology, 2021, 43(8): 2128-2139. doi: 10.11999/JEIT210003
Citation: Yingjian YAN, Conghui ZHAO, Yanjiang LIU. Hardware Trojan Detection Based on Multiple Structural Features[J]. Journal of Electronics & Information Technology, 2021, 43(8): 2128-2139. doi: 10.11999/JEIT210003

基于多维结构特征的硬件木马检测技术

doi: 10.11999/JEIT210003
详细信息
    作者简介:

    严迎建:男,1973年生,教授,研究方向为安全专用芯片设计技术等

    赵聪慧:女,1995年生,硕士生,研究方向为安全专用芯片设计与防护

    刘燕江:男,1990年生,讲师,研究方向为硬件木马检测、安全专用芯片设计技术等

    通讯作者:

    赵聪慧 1024600921@qq.com

  • 中图分类号: TN918; TP309+.1

Hardware Trojan Detection Based on Multiple Structural Features

  • 摘要: 硬件木马是第三方知识产权(IP)核的主要安全威胁,现有的安全性分析方法提取的特征过于单一,导致特征分布不够均衡,极易出现较高的误识别率。该文提出了基于有向图的门级网表抽象化建模算法,建立了门级网表的有向图模型,简化了电路分析流程;分析了硬件木马共性特征,基于有向图建立了涵盖扇入单元数、扇入触发器数、扇出触发器数、输入拓扑深度、输出拓扑深度、多路选择器和反相器数量等多维度硬件木马结构特征;提出了基于最近邻不平衡数据分类(SMOTEENN)算法的硬件木马特征扩展算法,有效解决了样本特征集较少的问题,利用支持向量机建立硬件木马检测模型并识别出硬件木马的特征。该文基于Trust_Hub硬件木马库开展方法验证实验,准确率高达97.02%,与现有文献相比真正类率(TPR)提高了13.80%,真负类率(TNR)和分类准确率(ACC)分别提高了0.92%和2.48%,在保证低假阳性率的基础上有效识别硬件木马。
  • 图  1  IP核安全隐患分析

    图  2  门级网表等效电路图

    图  3  门级网表的有向图模型

    图  4  有向图的十字链表结构

    图  5  RS232-T1400中的硬件木马电路及其有向图模型

    图  6  RS232-T1200中的硬件木马电路及其有向图模型

    图  7  RS232-T1300中的硬件木马电路及其有向图模型

    图  8  s15850-T100中的硬件木马电路及其有向图模型

    图  9  s35932-T300中的硬件木马电路及其有向图模型

    图  10  基于SVM的硬件木马识别流程

    图  11  不同参数下SVM分类器的实验数据

    图  12  s15850电路在不同参数下的实验结果

    表  1  硬件木马结构特征描述

    结构特征具体描述
    FAN_IN距离单元n 4级逻辑门的扇入单元总数
    FF_IN从输入方向距离单元n 4级逻辑门的触发器单元数目
    FF_OUT从输出方向距离单元n 4级逻辑门的触发器单元数目
    DPI单元n距最近的基本输入的距离
    DPO单元n距最近的基本输出的距离
    MUX单元n前后4级包含的多路选择器数量
    INV单元n前后4级包含的反相器数量
    下载: 导出CSV

    表  2  基于广度优先搜索的硬件木马特征扩展算法

     输入:${\boldsymbol{G}},n,m$
     输出:${\boldsymbol{\psi}} $
     (1)  for $i \le n$ do
     (2)   for $j \le 7$ do
     (3)    ${\boldsymbol{Q}}$←intialize();
     (4)    ${\boldsymbol{Q}}$←enqueue(vi);
     (5)    while ${\boldsymbol{Q} } = \varnothing$ and $f < m$
     (6)     $v$←dequeue(${\boldsymbol{Q}}$);
     (7)     ${\boldsymbol{\varPhi}} $←adjacentEdges(G, $v$);
     (8)      for $w \in {\boldsymbol{\varPhi}} $ do
     (9)      ${\boldsymbol{Q}}$← enqueue($w$);
     (10)      Endfor
     (11)    Endwhile
     (12)    ${\boldsymbol{\psi}} (i,j) \leftarrow {F_j}({v_i})$;
     (13)   Endfor
     (14)  Endfor
    下载: 导出CSV

    表  3  木马电路的具体描述

    测试电路电路规模木马单元数量正常单元数量触发电路类型触发概率木马功能
    RS232-T100024213229组合型3.55×10–13改变功能
    RS232-T110024412232时序型3.55×10–13改变功能
    RS232-T120024314229时序型5.00×10–11改变功能
    RS232-T13002409231时序型8.00×10–10改变功能
    RS232-T140024213230时序型5.20×10–15改变功能
    RS232-T150024314229时序型3.55×10–13改变功能
    RS232-T160024112229时序型5.77×10–9改变功能
    s15850-T1002432282404混合型拒绝服务,改变功能
    s35932-T1005999165983混合型改变功能,泄露信息
    s35932-T2005999125987组合型拒绝服务
    s35932-T3006019365983组合型拒绝服务,降低性能
    s38417-T1005677125665组合型1.42×10–7改变功能,拒绝服务
    s38417-T2005680155665组合型1.66×10–44改变功能,拒绝服务
    s38417-T3005711465665混合型1.66×10–44改变功能,拒绝服务
    s38584-T100702697017组合型改变功能,拒绝服务
    下载: 导出CSV

    表  4  本文方法实验结果及与现有方法的比较(%)

    测试电路文献[16]文献[17]本文
    TPRTNRACCTPRTNRACCTPRTNRACC
    RS232_T1000100.0098.9099.06100.0096.7797.08100.0099.5099.59
    RS232_T110050.0098.2092.81100.0097.5897.78100.0099.0299.18
    RS232_T120088.20100.0098.76100.0096.6796.9264.29100.0097.94
    RS232_T1300100.00100.00100.0088.8997.6497.06100.0099.0298.75
    RS232_T140097.8099.6099.6991.6797.5296.9992.3198.5198.35
    RS232_T150094.9099.0099.0792.3196.8896.45100.0099.5099.59
    RS232_T160093.10100.0098.4490.0096.2495.8083.33100.0099.17
    s15850_T10077.80100.0099.7195.8395.0595.0674.0794.1893.96
    s35932_T10073.30100.0099.9491.67100.0095.06100.0098.8898.98
    s35932_T2008.30100.0099.83100.0099.4699.508.3399.4199.28
    s35932_T30081.10100.0099.8837.50100.0083.7497.2299.2399.29
    s38417_T10033.30100.0099.8691.6797.3097.2233.3399.7499.59
    s38417_T20046.70100.0099.8686.6795.6495.5046.6789.9989.88
    s38417_T30075.00100.0099.8130.0091.8989.22100.0099.1699.21
    s38584_T1005.30100.0099.7387.5086.7486.7466.6782.6082.58
    平均值68.3299.7199.1085.5896.3694.6777.7597.2597.02
    下载: 导出CSV
  • [1] LIU Yanjiang, HE Jiaji, MA Haocheng, et al. Golden chip free Trojan detection leveraging probabilistic neural network with genetic algorithm applied in the training phase[J]. Science China Information Sciences, 2020, 63(2): 129401. doi: 10.1007/s11432-019-9803-8
    [2] 张伟, 冯建华. IP保护方法研究进展[J]. 微纳电子与智能制造, 2020, 2(1): 95–101. doi: 10.19816/j.cnki.10-1594/tn.2020.01.095

    ZHANG Wei and FENG Jianhua. Research progress on IP protection techniques[J]. Micro/Nano Electronics and Intelligent Manufacturing, 2020, 2(1): 95–101. doi: 10.19816/j.cnki.10-1594/tn.2020.01.095
    [3] OYA M, SHI Youhua, YANAGISAWA M, et al. A score-based classification method for identifying hardware-Trojans at gate-level netlists[C]. 2015 Design, Automation & Test in Europe Conference & Exhibition, Grenoble, France, 2015: 465–470. doi: 10.7873/DATE.2015.0352.
    [4] YAO Song, CHEN Xiaoming, ZHANG Jie, et al. FASTrust: Feature analysis for third-party IP trust verification[C]. 2015 IEEE International Test Conference, Anaheim, USA, 2015: 1–10. doi: 10.1109/TEST.2015.7342417.
    [5] HASEGAWA K, OYA M, YANAGISAWA M, et al. Hardware Trojans classification for gate-level netlists based on machine learning[C]. The 22nd IEEE International Symposium on On-Line Testing and Robust System Design, Sant Feliu de Guixols, Spain, 2016: 203–206. doi: 10.1109/IOLTS.2016.7604700.
    [6] CHEN Fuqiang and LIU Qiang. Single-triggered hardware Trojan identification based on gate-level circuit structural characteristics[C]. 2017 IEEE International Symposium on Circuits and Systems, Baltimore, USA, 2017: 1–4. doi: 10.1109/ISCAS.2017.8050673.
    [7] LI Chensheng, QIN Xiaowei, XU Xiaodong, et al. Scalable graph convolutional networks with fast localized spectral filter for directed graphs[J]. IEEE Access, 2020, 8: 105634–105644. doi: 10.1109/ACCESS.2020.2999520
    [8] SAADATNIAKI F, XIN Ran, and KHAN U A. Decentralized optimization over time-varying directed graphs with row and column-stochastic matrices[J]. IEEE Transactions on Automatic Control, 2020, 65(11): 4769–4780. doi: 10.1109/TAC.2020.2969721
    [9] 薛春艳. 基于邻接表结构的拓扑排序的全序列算法研究[J]. 现代计算机, 2016(19): 74–76. doi: 10.3969/j.issn.1007-1423.2016.19.018

    XUE Chunyan. Research on the algorithm for all topology sorting based on adjacency list structure[J]. Modern Computer, 2016(19): 74–76. doi: 10.3969/j.issn.1007-1423.2016.19.018
    [10] Trust-HUB. Chip-level Trojan benchmarks[EB/OL]. https://www.trust-hub.org/benchmarks/chip-level-trojan.2020.09.
    [11] MANJU B R and NAIR A R. Classification of cardiac arrhythmia of 12 lead ECG using combination of SMOTEENN, XGBoost and machine learning algorithms[C]. The 9th International Symposium on Embedded Computing and System Design, Kollam, India, 2019: 1–7. doi: 10.1109/ISED48680.2019.9096244.
    [12] 刘东启. 基于支持向量机的不平衡数据分类算法研究[D]. [硕士论文], 浙江大学, 2017.

    LIU Dongqi. Support vector machine based classification algorithms research for imbalanced data[D]. [Master dissertation], Zhejiang University, 2017.
    [13] 张剑飞, 王真, 崔文升, 等. 一种基于SVM的不平衡数据分类方法研究[J]. 东北师大学报: 自然科学版, 2020, 52(3): 96–104. doi: 10.16163/j.cnki.22-1123/n.2020.03.014

    ZHANG Jianfei, WANG Zhen, CUI Wensheng, et al. Research on an unbalanced data classification method based on SVM[J]. Journal of Northeast Normal University:Natural Science Edition, 2020, 52(3): 96–104. doi: 10.16163/j.cnki.22-1123/n.2020.03.014
    [14] KOK C H, OOI C Y, MOGHBEL M, et al. Classification of Trojan nets based on SCOAP values using supervised learning[C]. 2019 IEEE International Symposium on Circuits and Systems, Sapporo, Japan, 2019: 1–5. doi: 10.1109/ISCAS.2019.8702462.
    [15] 魏建安, 黄海松, 康佩栋. 针对不平衡数据的PSO-DEC-IFSVM分类算法[J]. 数据采集与处理, 2019, 34(4): 723–735. doi: 10.16337/j.1004-9037.2019.04.018

    WEI Jian’an, HUANG Haisong, and KANG Peidong. PSO-DEC-IFSVM classification algorithm for unbalanced data[J]. Journal of Data Acquisition &Processing, 2019, 34(4): 723–735. doi: 10.16337/j.1004-9037.2019.04.018
    [16] HASEGAWA K, YANAGISAWA M, and TOGAWA N. Trojan-feature extraction at gate-level netlists and its application to hardware-Trojan detection using random forest classifier[C]. 2017 IEEE International Symposium on Circuits and Systems, Baltimore, USA, 2017: 1–4. doi: 10.1109/ISCAS.2017.8050827.
    [17] 高良俊, 于金星, 陈鑫, 等. 基于特征提取和SVM的硬件木马检测方法[J]. 微电子学, 2020, 50(6): 914–919. doi: 10.13911/j.cnki.1004-3365.200034

    GAO Liangjun, YU Jinxing, CHEN Xin, et al. Hardware Trojan detection method based on feature extraction and SVM[J]. Microelectronics, 2020, 50(6): 914–919. doi: 10.13911/j.cnki.1004-3365.200034
  • 加载中
图(12) / 表(4)
计量
  • 文章访问数:  1197
  • HTML全文浏览量:  672
  • PDF下载量:  119
  • 被引次数: 0
出版历程
  • 收稿日期:  2021-01-04
  • 修回日期:  2021-03-10
  • 网络出版日期:  2021-06-24
  • 刊出日期:  2021-08-10

目录

    /

    返回文章
    返回